﻿using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Mvc;
using System.Security.Claims;
using Microsoft.AspNetCore.Authorization;

namespace Dotnet6.Web.Controllers
{
    [AllowAnonymous]
    public class AuthController : Controller
    {
        public IActionResult Login()
        {
            return View();
        }

        [HttpPost]
        public async Task<IActionResult> Login(string account, string password)
        {
            if (account != "admin" || password != "666")
            {
                ViewBag.msg = "用户名或密码错误！";
                return View();
            }
            var claims = new List<Claim>(){
                new Claim(ClaimTypes.Name,account),
                new Claim(ClaimTypes.Role,"admin"),
            };
            var userPrincipal = new ClaimsPrincipal(new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme));
            await HttpContext.SignInAsync(userPrincipal);
            return RedirectToAction("index", "home");
        }

        public async Task<IActionResult> Logout()
        {
            await HttpContext.SignOutAsync();
            return RedirectToAction("index", "home");
        }
    }
}
